Red Hat Delivers Latest Kubernetes Enhancements

Red Hat this week moved to make it easier to operationalize IT environments based on Kubernetes by making the latest versions of Red Hat OpenShift and Red Hat OpenShift Container Storage generally available.

Based on version 1.16 of Kubernetes, Red Hat OpenShift 4.3 adds a range of encryption enhancements, including support for remote enablement of Linux Unified Key Setup-on-disk-format (LUKS) encrypted volumes and the ability to encrypt data at rest. The latest version also meets the encryption requirements specified in the Federal Information Processing Standard (FIPS 140-2 Level 1).

At the same time, Red Hat is making it easier for Kubernetes clusters to access external storage residing on public clouds that support the S3 application programming interface (API). To achieve that goal, Red Hat added a multi-cloud object gateway to Red Hat OpenShift Container Storage 4 based on storage technology it gained with the acquisition last year of NooBaa.

In addition, Red Hat OpenShift Container Storage 4 adds support for Rook, an instance of Operator software for Kubernetes environments that simplifies software deployment on a Kubernetes cluster.

Brian Gracely, senior director for product strategy at Red Hat, says now that developers have brought Kubernetes into enterprise IT environments, the focus is shifting to how to operationalize and secure Kubernetes clusters at scale, especially now that stateful containerized applications that need to access persistent storage are being deployed. Initially, that may require IT organizations to dedicate personnel specifically to managing Kubernetes clusters. However, the longer-term goal should be to eliminate the need for Kubernetes specialists, he says.

To facilitate that transition, Red Hat OpenShift 4.3 now includes a configuration API that allows IT administrators to select the cipher suites that are used by the Ingress controller, API server and OAuth Operator for Transport Layer Security (TLS). That API makes it easier to adhere to existing security and networking standards defined by the IT organization.

Other Red Hat OpenShift 4.3 features include support for open source Prometheus monitoring tools, the ability to forward logs off cluster based on log type, access to a Node Topology Manager and the ability to resize persistent volumes. IT organizations can also extend and customize the OpenShift console.

OpenShift is at the core of the hybrid cloud computing strategy being implemented by Red Hat. IT organizations, for example, can install OpenShift clusters to customer-managed pre-existing VPN/VPC (virtual private network/virtual private cloud) and subnets on Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform, or alternatively install a cluster with private-facing load balancer endpoints that are not publicly exposed to the internet.

Regardless of the approach, Red Hat along with parent company IBM is making a case for retaining control over Kubernetes deployments running on-premises or in the cloud. Naturally, it remains to be seen to what degree Kubernetes will transform what is today a multi-cloud environment into a truly hybrid environment managed via a single control plane. At the very least, however, as Kubernetes continues to evolve and mature the opportunity to create a real hybrid cloud computing environment based on open source platforms spanning multiple clouds has finally arrived.

Mike Vizard

Mike Vizard is a veteran IT journalist with more than 25 years of experience covering the technology industry, having previously served as Editor-in-Chief of both CRN and InfoWorld and as editorial director for Ziff-Davis Enterprise, where he oversaw titles including eWEEK, CIO Insight and Baseline. Over his career he has also edited or contributed to a wide range of enterprise technology publications, including IT Business Edge, Channel Insider, ComputerWorld, TMCNet and Digital Review, and he later led editorial for CTOEdge.com. His reporting and analysis span software development, cloud computing, cybersecurity, IT channel strategy and, more recently, artificial intelligence and DevOps practices. A recognized voice in enterprise IT journalism, Vizard is known for tracking emerging technology trends as they move from early adoption into mainstream enterprise use. He now serves as Chief Content Officer for Techstrong Group, where he oversees editorial strategy across the full network — DevOps.com, Security Boulevard, Cloud Native Now, Digital CxO, Techstrong.ai, TechStrong.IT, Techstrong Semi and PlatformEngineering.com — in addition to writing and hosting content for Techstrong TV and the Techstrong Gang podcast.

    Mike Vizard has 1813 posts and counting. See all posts by Mike Vizard